Salt Typhoon Snooping: China Hacks US Telecoms in Cyber Siege

This is your Silicon Siege: China's Tech Offensive podcast.

Ever get that feeling your phone is listening, your cloud is leaking, and somewhere, in a glass tower in Shenzhen, a team of hackers is asking, “What’s next on the American menu?” Hi, Ting here—your cyber sherpa through the thickening fog of the Silicon Siege. Buckle up, because China’s tech offensive in the last two weeks has been less of a polite knock on the firewall and more of a coordinated battering ram.

Let’s get straight to the main act: Salt Typhoon. No, not a K-pop band, but the codename for the audacious hacking operation orchestrated with the help of three Chinese companies—Beijing Huanyu Tianqiong Information Technology, Sichuan Zhixin Ruijie Network Technology, and Sichuan Juxinhe Network Technology. According to a joint 37-page technical report by the FBI, the NSA, CISA, plus allies from the UK, Japan, Germany, and others, Salt Typhoon targeted the heart of U.S. technological infrastructure. They breached AT&T and Verizon, snarfing up millions of text messages and call records—yes, even those of senior policymakers around D.C. That’s not just gossip fodder; that’s strategic reconnaissance. Imagine knowing exactly who is talking to whom, when, and where. Both AT&T and Verizon say they’ve since kicked the hackers out, but as any CISO will tell you, once you’ve found termites, you don’t just assume the wood is fine.

Industrial espionage? Absolutely. These companies, described by Dakota Cary of SentinelOne as functioning businesses, not mere MSS fronts, ran collection ops so sophisticated they could pass as contractors at a Silicon Valley job fair. According to NuHarbor Security, this full-court press is the late-stage execution of China’s 14th Five-Year Plan—the ultimate sprint to dominate AI and digital infrastructure as the plan ends in December 2025. In effect, these hacks weren’t random. They were table-setters for future disruption: think sleeper access buried deep inside telecom, utilities, even the procurement chain for critical tech components.

Speaking of supply chains, Chinese APT groups like Salt Typhoon, Operator Panda, and GhostEmperor have been exploiting router vulnerabilities—Cisco, Palo Alto Networks, Ivanti, you name it—modifying configurations to enable remote command and persistent, stealthy access. According to Cyble, once inside, they manipulate access control lists, expose unusual ports, and create a back door that legit traffic can’t reveal. So even if you patch, remember: the ghost in the machine might already be wearing your uniform.

As we look ahead, the expert chorus is clear: critical infrastructure will stay in the crosshairs, zero-day exploits will spike, and AI-powered deepfakes and phishing campaigns will try to weaponize any fire they start—especially with the 15th Five-Year Plan looming. Dakota Cary summed it up best: no U.S. company would be asked to hack Xi Jinping’s phone, yet China’s Ministry of State Security deputized private enterprise to do just that, but in reverse.

Thanks for tuning in. Don’t forget to subscribe for all things China, cyber, and the high-stakes digital cat-and-mouse. This has been a quiet please production, for more check out quiet please dot ai.

For more http://www.quietplease.ai


Get the best deals https://amzn.to/3ODvOta